CVE-2017-7938
MEDIUMMor-pah.net Dmitry Deepmagic Informat... - Memory Corruption
Title source: ruleDescription
Stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) version 1.3a (Unix) allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long argument. An example threat model is automated execution of DMitry with hostname strings found in local log files.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by FarazPajohan · textdoslinux
https://www.exploit-db.com/exploits/41898
References (5)
Core 5
Core References
Exploit, Third Party Advisory
https://cxsecurity.com/issue/WLB-2017040113
Exploit, Third Party Advisory, VDB Entry
https://packetstormsecurity.com/files/142210/Dmitry-1.3a-Local-Stack-Buffer-Overflow.html
Issue Tracking
https://github.com/jaygreig86/dmitry/pull/12
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/41898/
Scores
CVSS v3
6.6
EPSS
0.0189
EPSS Percentile
83.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-119
Status
published
Products (1)
mor-pah.net/dmitry_deepmagic_information_gathering_tool
1.3a
Published
Apr 20, 2017
Tracked Since
Feb 18, 2026